Re: [FW-1] http allow ranges

Fri, 22 Oct 2004 13:30:29 -0700 

Hello,

the "Range" or "If-Range" headers are used to request a part of an
object from a web server. An object can be a file (web page, image file,
program etc) or a responce from a script running on the web server.
Download managers (such as Getright) can use these headers to download
the part of the file that is missing in case the download is
interrupted. If you permit http ranges and you are using HTTP resources
with CVP, the CVP server will not be able to inspect the (part of the)
file your are downloading, since it will not be complete.


MÏnica Salvia wrote:

Hi experts,

We are having some problems to connect to a web server from the internet.
The message in the log says:

Action: Reject
reason: Web security: range request blocked.
HTTP Request containing a `Range:Â or `If-Range:Â header (used by download
managers like `GetrightÂ) are blocked. To allow, set the
`http_allow_ranges property to `trueÂ.


My question is, if I set the http_allow_ranges to true, what kind of risks
I could be facing?
Thanks,

mÃnica

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================




=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

Reply via email to